IPtables is a vast topic that cannot be covered in one post. I will be writing about iptables in several posts and will link all of them together.
IPtables basics
Iptables is a security module in the Linux kernel. It can be used as a firewall (filter table), for Internet sharing (NAT table), for altering the Type Of Service of packets (mangle table) and for marking packets as not to be tracked (raw table).
Firewall definition:
A firewall is a security system consisting of a combination of hardware and software that limits the exposure of a computer or computer network to attack from crackers; it is commonly used on local area networks that are connected to the Internet. In iptables this is achieved by the filter table.
Internet sharing definition:
NAT (Network Address Translation) is an Internet standard that enables a LAN to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. A NAT box located where the LAN meets the Internet makes all the necessary IP address translations.
Mangling definition:
Mangling is defined as changing the Type of Service value in the IP header of a packet to obtain desired behaviour, such as lower latency (for example, interactive services like telnet and ssh need low latency). This table is used to improve the performance of some services.
Non-tracking packets definition:
Most system/network activity is logged somewhere; if we do not want our packets to be monitored we can use this table. The raw table (introduced in the 2.6 Linux kernel for some special features) sets a value on each packet telling the kernel not to track where the packet is coming from and going to.
IPtables is nothing but a set of tables.
A table is a set of chains and target values.
A chain is nothing but a rule applied to a packet: whether to forward, drop or reject it, etc.
A rule is nothing but a set of criteria that a packet is matched against.
Iptables works on IP packets by passing them through chains and applying targets.
These targets may be:
- ACCEPT
- DROP
- REJECT
- SNAT
- DNAT
- NOTRACK
- BALANCE
- CLASSIFY
- CLUSTERIP
- CONNMARK
- DSCP
- ECN
- LOG
- MARK
- MASQUERADE
- MIRROR
- NETMAP
- REDIRECT
- ROUTE
- SET
- TCPMSS
- TOS
- TRACE
- TTL
- ULOG
These chains may be:
- INPUT (for packets destined to local sockets)
- FORWARD (for packets being routed through the box)
- OUTPUT (for locally-generated packets)
- PREROUTING (for altering packets as soon as they come in)
- POSTROUTING (for altering packets as they are about to go out)
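To make the table / chain / rule / target hierarchy concrete, here is an added example (my own code, not part of the original post or of the iptables project) that models the filter table in Python. A Table holds chains, each Chain is an ordered list of Rules with a default policy, each Rule is a set of match criteria plus a target, and a packet walks the chain from top to bottom: the first matching terminating target (ACCEPT, DROP, REJECT) decides the verdict, while LOG only records the packet and lets evaluation continue. The class names, the 10.0.0.0/24 LAN and the packet addresses are constructed for the example; the rendered command lines use real iptables syntax so you can compare the model with what you would actually type.

```python
"""Toy model of iptables evaluation: filter table -> chains -> rules -> targets.

Constructed example; class names, networks and addresses are made up.
"""
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional

TERMINATING = {"ACCEPT", "DROP", "REJECT"}   # verdict: chain evaluation stops here
NON_TERMINATING = {"LOG"}                    # side effect only, then fall through


@dataclass
class Packet:
    proto: str                 # "tcp", "udp", ...
    src: str                   # source IP address
    dport: Optional[int] = None
    state: str = "NEW"         # conntrack state: NEW or ESTABLISHED


@dataclass
class Rule:
    """Match criteria (all optional) plus the target to jump to on a match."""
    target: str
    proto: Optional[str] = None
    src: Optional[str] = None          # CIDR, e.g. "10.0.0.0/24"
    dport: Optional[int] = None
    state: Optional[str] = None

    def matches(self, pkt: Packet) -> bool:
        if self.proto and pkt.proto != self.proto:
            return False
        if self.src and ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src):
            return False
        if self.dport is not None and pkt.dport != self.dport:
            return False
        if self.state and pkt.state != self.state:
            return False
        return True

    def to_iptables(self, table: str, chain: str) -> str:
        """Render this rule as the equivalent iptables command line."""
        parts = ["iptables", "-t", table, "-A", chain]
        if self.proto:
            parts += ["-p", self.proto]
        if self.src:
            parts += ["-s", self.src]
        if self.dport is not None:           # --dport needs -p tcp/udp first
            parts += ["--dport", str(self.dport)]
        if self.state:
            parts += ["-m", "state", "--state", self.state]
        parts += ["-j", self.target]
        return " ".join(parts)


@dataclass
class Chain:
    name: str
    policy: str                          # default verdict when no rule matches
    rules: List[Rule] = field(default_factory=list)
    logged: List[str] = field(default_factory=list)

    def evaluate(self, pkt: Packet) -> str:
        """First-match semantics: walk rules in order until a terminating target."""
        for rule in self.rules:
            if not rule.matches(pkt):
                continue
            if rule.target in NON_TERMINATING:
                self.logged.append(f"{pkt.proto} {pkt.src} dport={pkt.dport}")
                continue                 # LOG does not end evaluation
            return rule.target
        return self.policy


@dataclass
class Table:
    name: str
    chains: Dict[str, Chain]

    def render(self) -> List[str]:
        """Policies first, then the rules of every chain, as iptables commands."""
        lines = [f"iptables -t {self.name} -P {c.name} {c.policy}" for c in self.chains.values()]
        for c in self.chains.values():
            lines += [r.to_iptables(self.name, c.name) for r in c.rules]
        return lines


def build_filter_table() -> Table:
    """A small host firewall: default-deny inbound, ssh from the LAN only, web open."""
    inp = Chain("INPUT", policy="DROP", rules=[
        Rule("ACCEPT", state="ESTABLISHED"),                       # replies to our own connections
        Rule("ACCEPT", proto="tcp", dport=22, src="10.0.0.0/24"),  # ssh only from the LAN
        Rule("LOG", proto="tcp", dport=22),                        # record other ssh attempts ...
        Rule("REJECT", proto="tcp", dport=22),                     # ... then refuse them
        Rule("ACCEPT", proto="tcp", dport=80),                     # web is open to everyone
    ])
    fwd = Chain("FORWARD", policy="DROP")                          # this box does not route
    out = Chain("OUTPUT", policy="ACCEPT")
    return Table("filter", {"INPUT": inp, "FORWARD": fwd, "OUTPUT": out})


if __name__ == "__main__":
    table = build_filter_table()
    print("\n".join(table.render()))
    chain = table.chains["INPUT"]
    for pkt in (Packet("tcp", "10.0.0.5", 22), Packet("tcp", "203.0.113.7", 22),
                Packet("udp", "203.0.113.7", 53)):
        print(pkt, "->", chain.evaluate(pkt))
    print("logged:", chain.logged)
```

Running the script prints the ruleset as iptables commands followed by the verdict for each constructed packet; the ordering of the two port-22 rules shows why rule order matters and why LOG is placed before the REJECT it is meant to record.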